Support host specific keys

tailscale · Feb 12, 2024 · 5745e44 · 5745e44
1 parent 63a9c89
commit 5745e44
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 3 deletions.
diff --git a/Caddyfile b/Caddyfile
@@ -1,5 +1,12 @@
 {
 	order tailscale_auth after basicauth
+	tailscale {
+		auth_key "tskey-auth-"
+
+		caddy {
+			auth_key "tskey-auth-caddy"
+		}
+	}
 }
 
 :80 {

diff --git a/module.go b/module.go
@@ -107,7 +107,6 @@ func getServer(_, addr string) (*tsnetServerDestructor, error) {
 
 		if host != "" {
 			s.AuthKey = getAuthKey(host)
-			log.Println("auth_key", s.AuthKey)
 
 			// Set config directory for tsnet.  By default, tsnet will use the name of the
 			// running program, but we include the hostname as well so that a single
@@ -134,6 +133,11 @@ func getServer(_, addr string) (*tsnetServerDestructor, error) {
 }
 
 func getAuthKey(host string) string {
+	hostAuthKey, loaded := app.LoadOrStore(host, "")
+	if loaded {
+		return hostAuthKey.(TSServer).AuthKey
+	}
+
 	storedAuthKey, loaded := app.LoadOrStore(authUsageKey, "")
 	if loaded {
 		return storedAuthKey.(string)

diff --git a/module_test.go b/module_test.go
@@ -35,8 +35,9 @@ func Test_GetAuthKey(t *testing.T) {
 			host: testHost,
 		},
 		"host key from environment": {
-			want: testHostKey,
-			host: testHost,
+			want:    testHostKey,
+			skipApp: true,
+			host:    testHost,
 		},
 	}
 	for name, tt := range tests {